US9883002B2 - Method and system for accessing website - Google Patents

Method and system for accessing website Download PDF

Info

Publication number
US9883002B2
US9883002B2 US14/388,083 US201314388083A US9883002B2 US 9883002 B2 US9883002 B2 US 9883002B2 US 201314388083 A US201314388083 A US 201314388083A US 9883002 B2 US9883002 B2 US 9883002B2
Authority
US
United States
Prior art keywords
address
domain name
target
request
identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US14/388,083
Other languages
English (en)
Other versions
US20150237158A1 (en
Inventor
Binyan Dong
Peng Sun
Huan Ren
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Qihoo Technology Co Ltd
Original Assignee
Beijing Qihoo Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Qihoo Technology Co Ltd filed Critical Beijing Qihoo Technology Co Ltd
Assigned to BEIJING QIHOO TECHNOLOGY COMPANY LIMITED reassignment BEIJING QIHOO TECHNOLOGY COMPANY LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: DONG, Binyan, REN, Huan, SUN, PENG
Publication of US20150237158A1 publication Critical patent/US20150237158A1/en
Application granted granted Critical
Publication of US9883002B2 publication Critical patent/US9883002B2/en
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/563Data redirection of data network streams
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/02Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]
    • H04L67/2814
    • H04L61/1576
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4505Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols
    • H04L61/4511Network directories; Name-to-address mapping using standardised directories; using standardised directory access protocols using domain name system [DNS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/45Network directories; Name-to-address mapping
    • H04L61/4552Lookup mechanisms between a plurality of directories; Synchronisation of directories, e.g. metadirectories
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/42
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/561Adding application-functional data or data for application control, e.g. adding metadata

Definitions

  • the present invention relates to the technical field of network, and particularly to a method and system for accessing a website.
  • the environment of the Education Network is relatively complex, and the Education Network is accessed in a complete CERNET mode in some colleges and in a hybrid access mode of Chinese Unicom, Chinese Telecom and Chinese Mobile in some other colleges. Due to the limitation of charging and the network itself, part of the colleges encounter the problem that they cannot access overseas websites.
  • a solution in the prior art is to build a proxy server and send an HTTP access request of a browser to the proxy server.
  • the proxy server is a server for a client and a client for a server, namely, it serves as an intermediary between the actual client and server ends.
  • a web proxy server is also known as online proxy server.
  • the web proxy server is a proxy server program running in a webpage, and can be accessed by inputting a web address and selecting a proxy server without any setting.
  • the web proxy server caches webpages and files of a remote website for the client so that the client can browse the remote website more quickly and securely.
  • Some web proxy server websites are updated every day, so that the speed of accessing a link is also relatively fast.
  • the principle of the web proxy server may be briefly summarized as follows: user's access—web proxy server—target website—returning to the user.
  • web proxy server target website—returning to the user.
  • the web proxy server itself is a webpage and includes a lot of content, use of the web proxy server will consume a lot of traffic, and a website providing the web proxy server is probably confronted with problems such as depletion of the traffic or instability. Besides, the speed of surfing on the Internet via the web proxy server is slower than of normal surfing.
  • the second method is the so-called transparent proxy server, namely, a client directly accesses a target website through a proxy server.
  • the solution may be roughly described as follows: the client first establishes connection to the proxy server, then requests to establish connection to a target server or obtains a designated resource of the target server according to the proxy server protocol used by the proxy server.
  • the solution can solve the drawbacks of the aforesaid web proxy server.
  • the proxy server once the client uses the proxy server, it will send all local http access requests to the proxy server, the proxy server then construct a DNS (Domain Name System) request according to the http access requests to query for the IP of the target website, and then obtains corresponding content from the target website and returns it to the client.
  • DNS Domain Name System
  • the proxy server since all http access requests are totally delivered to the proxy server, the proxy server has excessive load and its performance is reduced. That is to say, in the prior art, if the client has an IP that belongs to a predetermined IP address library and cannot directly access websites outside the predetermined IP address library, when the client uses the proxy server to access websites outside the IP address library, all the client's HTTP access requests will be forwarded and received via the proxy server. Since all http requests are delivered to the proxy server, successive load is caused to the proxy server and the performance of the proxy server is reduced.
  • the present invention is proposed to provide a method and a system for accessing a website, which can overcome the above problems or at least partially solve or ease the above problems.
  • a method for accessing a website comprising: constructing a first domain name query request according to a domain name in a webpage request of a client, and sending the first domain name query request to a first domain name server; obtaining an identification IP address returned by the first domain name server, wherein the identification IP address is used to identify whether an target IP address corresponding to the domain name in the webpage request belongs to a predetermined IP address library or not; according to the identification IP address, judging to replace the target IP address corresponding to the domain name in the webpage request with an IP address of a proxy server, and according to the IP address corresponding to the proxy server, sending the webpage access request to the proxy server.
  • a method for accessing a website comprising: receiving a first domain name query request sent by a client; constructing a second domain name query request according to the first domain name query request, and sending it to a second domain name server; after obtaining a response from the second domain name server, resolving a target IP address corresponding to the response, wherein the target IP address is corresponding to a domain name of the webpage request; judging according to a predetermined IP address library whether the target IP address is in the predetermined IP address library, and generating an identification IP address according to the judgment result, wherein the identification IP address is used to identify whether the target IP address corresponding to the domain name in the webpage request belongs to the predetermined IP address library or not; returning the identification IP address to the client.
  • a device for accessing a website comprising: a domain name reconstructing module configured to construct a first domain name query request according to a domain name in a webpage request of a client, and send the first domain name query request to a first domain name server; an address obtaining module configured to obtain an identification IP address returned by the first domain name server, wherein the identification IP address is used to identify whether an target IP address corresponding to the domain name in the webpage request belongs to a predetermined IP address library or not; a judging module configured to, according to the identification IP address, judge to replace the target IP address corresponding to the domain name in the webpage request with an IP address of a proxy server, and according to the IP address corresponding to the proxy server, send the webpage access request to the proxy server.
  • a device for accessing a website comprising: a domain name query request receiving module configured to receive a first domain name query request sent by a client; a domain name query request processing module configured to construct a second domain name query request according to the first domain name query request, and send it to a second domain name server; a domain name query request response processing module configured to, after obtaining a response from the second domain name server, resolve a target IP address corresponding to the response, wherein the target IP address is corresponding to a domain name of the webpage request; a target IP address judging module configured to judge according to a predetermined IP address library whether the IP address is in the predetermined IP address library, and generate an identification IP address according to the judgment result, wherein the identification IP address is used to identify whether the target IP address corresponding to the domain name in the webpage request belongs to the predetermined IP address library or not; a returning module configured to return the identification IP address to the client.
  • a computer program which comprises a computer readable code, wherein when the computer readable code is run on a server, the server executes the method for accessing a website according to any one of claims 1 - 12 .
  • a computer readable medium which stores the computer program according to claim 25 .
  • a first domain name request is constructed according to the domain name in the client's webpage request, and sent to the first domain name server.
  • the first domain name server judges whether the target IP address corresponding to the domain name is in the predetermined IP address library, and the client is notified according to the judgment result to decide whether to replace the target IP corresponding to the domain name in the webpage request with the IP address of the proxy server.
  • FIG. 1 illustrates a flow chart of a method for accessing a website according to an embodiment of the present invention
  • FIG. 2 illustrates a flow chart of a method for accessing a website corresponding to FIG. 1 according to an embodiment of the present invention
  • FIG. 3 illustrates a structural schematic view of a device for accessing a website according to an embodiment of the present invention
  • FIG. 4 illustrates a structural schematic view of a device for accessing a website corresponding to FIG. 3 according to an embodiment of the present invention
  • FIG. 5 illustrates a structural schematic view of a system for accessing a website according to an embodiment of the present invention
  • FIG. 6 illustrates a block diagram of a server for executing the method according to the present invention.
  • FIG. 7 illustrates a memory unit for maintaining or carrying a program code for implementing the method according to the present invention.
  • FIG. 1 illustrates a flow chart of a method for accessing a website according to the present invention.
  • the method may comprise the following steps:
  • Step 110 constructing a first domain name query request according to a domain name in a webpage request of a client, and sending the request to a first domain name server.
  • a first domain name server (a first DNS server) and a proxy server may be preset, wherein the first domain name server is used to obtain the first domain name query request sent by the client, namely, a target IP address corresponding to the domain name in the DNS query request.
  • the working principle of the domain name server is generally as follows:
  • a first step a client A makes a domain name resolution request and sends the request to a local domain name server.
  • a second step after the local domain name server receives the request, it queries a local cache, and it directly returns a query result if there is this record entry.
  • a third step if there is not this record in the local cache, the local domain name server directly sends the request to a root domain name server, and then the root domain name server returns an address of a main domain name server of a queried domain (a subdomain of the root) to the local domain name server.
  • a fourth step the local server sends a request to the domain name server returned in the previous step, then the server receiving the request queries its own cache, and returns an address of a domain name server at a relevant lower level if there is not this record.
  • a fifth step the fourth step is repeated until a correct record is found.
  • a sixth step the local domain name server stores the returned result in the cache for use next time, and meanwhile returns the result to the client A.
  • the client A generally obtains an IP corresponding to a final domain name only from the domain name server that is the first one receiving the client A′s domain name query request.
  • the client itself generally sets a default local domain name server.
  • the query first begins with the default local domain name server to obtain an IP corresponding to the domain name in the HTTP request.
  • the HTTP request occurs at the client, first the client's webpage request is intercepted, the first domain name query request is initiatively constructed according to the domain name in the client's HTTP request, and the first domain name query request is sent to the first domain name server.
  • optimal DNS IP may be resolved quickly for the client in the Education Network, thereby avoiding network delay caused by a too long DNS IP resolution path caused by the situation such as that the default DNS server is not in the Education Network.
  • the client performs resolution for the domain name in the HTTP request, and constructs a DNS request based on the domain name and sends it to the first domain name server.
  • the step of constructing the first domain name query request according to the domain name in the webpage request of the client and sending the request to the first domain name server comprises:
  • Step S 111 hooking a domain name query function in an operating system by a hook function.
  • Hook may be implemented by Detours library provided by Microsoft, i.e., a system domain name query function Getaddrinfo is hooked by a hook function.
  • the domain name query function Getaddrinfo may be used for domain name resolution service, e.g., translating www.***.com into a corresponding IP address so that a network program performs connection.
  • the domain name query function Getaddrinfo may construct DNS A or AAAA command according to RFC1035 protocol, send it to a DNS server, and resolves a response returned by the DNS server to get an IP list.
  • the first IP address in the IP list is selected as the IP address corresponding to the domain name.
  • directional sending of the DNS query request may be achieved by hooking the domain name query function.
  • Step S 112 constructing the first domain name query request for the domain name in the client's webpage request by means of the domain query function.
  • the first domain name query request is constructed based on the local client's IP address and the IP address of the preset first domain name server in the present application.
  • the first domain name query request is constructed also in combination with a port of the first domain name server.
  • a response is constructed with the client's IP address and the IP address of the first domain name server, and the response is returned to the client.
  • FIG. 2 b it illustrates an example of DNS response.
  • Step S 113 sending the first domain name query request to the first domain name server.
  • the domain name query function is hooked at the client to construct the aforesaid first domain name query request
  • the first domain name query request is sent to the first domain name server.
  • the sending of the first domain name query request to the first domain name server comprises:
  • Step S 11 sending the domain name query request to the first domain name server by means of an asynchronous I/O mechanism.
  • ports are bound in an asynchronous and concurrency mode so that some firewalls prohibits use of other DNS servers other than the DNS IP designed by the firewalls. For example, since port 80 is bound, generally the firewall mistakes it as HTTP traffic, so such rules may be broken through.
  • the asynchronous I/O mechanism comprises I/O completion port mechanism. That is, the DNS query request is sent to the DNS server asynchronously and concurrently by means of POCP mechanism.
  • Windows operating system provides asynchronous transmission I/O mechanisms such as asynchronous selection (WSAAsyncSelect), event selection (WSAEventSelect), overlapped I/O and completion port (CompletI/On Port). Therefore, the present application may also use other mechanisms selected from the above asynchronous mechanism.
  • the present application preferably uses I/O completion port mechanism.
  • “Completion Port” mechanism is the most complicated I/O mechanism to date. However, if one application program needs to simultaneously manage many sockets, an optimal system performance may be achieved by using this mechanism.
  • Winsock2 enables Socket I/O to have a uniform port with file I/O.
  • Socket I/O may be performed by Win32 file operating function ReadFile and WriteFile.
  • the Overlapped I/O mechanism and Completion Port mechanism for ordinary file I/O may also apply to Socket I/O.
  • the mechanism is advantage in achieving a better system performance, but with a complicated implementation procedure.
  • this mechanism is an asynchronous I/O mechanism provided by Winsock.
  • an application program may receive a Windows message-based network event notification over one socket. Specifically, after a socket is duly built, WSAAsyncSelect is invoked.
  • this mechanism is an asynchronous I/O mechanism provided by Winsock. It is similar to asynchronous selection mechanism, allows the application program receives an event-based network event notification over one or more sockets.
  • the sending of the first domain name query request to the first domain name server may further comprise:
  • Step P 111 synchronously sending the domain name query request to the first domain name server.
  • Step 120 obtaining an identification IP address returned by the first domain name server, wherein the identification IP address is used to identify whether an target IP address corresponding to the domain name in the webpage request belongs to a predetermined IP address library or not.
  • a processing procedure of the first domain name server comprises:
  • Step A 1 receiving the first domain name query request sent by the client;
  • a target IP address corresponding to the domain name in the client's HTTP request may be obtained according to the DNS query mechanism.
  • the first domain name server first obtains the first domain name query request send by the client.
  • Step A 2 constructing a second domain name query request according to the first domain name query request, and sending it to a second domain name server.
  • the first domain name server generally does not have a function of querying for the target IP address corresponding to the domain name, and the request needs to be forwarded to the second domain name server having an actual query function to query for the target IP address corresponding to the domain name.
  • the IP address corresponding to the domain name is queried according to a corresponding routing path.
  • the step of constructing the second domain name query request according to the first domain name query request and sending it to the second domain name server comprises:
  • Step A 21 resolving the first domain name query request to obtain the domain name of the webpage request.
  • the domain name of the webpage request of the client is resolved from the first domain name query request according to a resolution protocol.
  • Step A 22 constructing the second domain name query request based on the domain name by means of a domain name query protocol.
  • Step A 23 sending the second domain name query request to the second domain name server.
  • the preset first domain name server itself is generally not responsible for querying for and resolving the target IP address corresponding to the domain name, but constructs the second domain name query request according to the domain name and sends it to the second domain name server, and an response including the IP address corresponding to the domain name is obtained from the second domain name server.
  • the second domain name server generally is a domain name server really having a DNS query function, where the first domain name server lies or which is designated.
  • the second domain name server may obtain the IP corresponding to the domain name according to the aforesaid DNS query mechanism, and then generate a response and return it to the first domain name server.
  • the second domain name server may also be set as a domain name server having the DNS query function.
  • Step A 3 after obtaining the response from the second domain name server, resolving the target IP address corresponding to the response, wherein the target IP address is corresponding to the domain name of the webpage request.
  • the second domain name server After obtaining the IP corresponding to the domain name, the second domain name server generates and returns a response including the IP address, and then the first domain name server resolves the response to obtain the IP address corresponding to the domain name.
  • Step A 4 judging according to the predetermined IP address library whether the IP address is in the predetermined IP address library, and generating the identification IP address according to the judgment result, wherein the identification IP address is used to identify whether the target IP address corresponding to the domain name in the webpage request belongs to the predetermined IP address library or not.
  • the generating of the identification IP address according to the judgment result comprises:
  • Step A 31 performing matching calculation between the target IP address and the predetermined IP address library
  • Step A 32 if the IP address is in the predetermined IP address library, returning to the client an identification IP address indicating that the target IP address belongs to the predetermined IP address library;
  • Step A 33 if the IP address is not in the predetermined IP address library, returning to the client an identification IP address indicating that the target IP address does not belong to the predetermined IP address library.
  • the first domain name server of the present application After the first domain name server of the present application obtains the IP address corresponding to the domain name in the client's HTTP request, it performs judgment according to the predetermined IP address library, and then generates the identification IP address based on the judgment result and returns it to the client.
  • a Chinese IP address range library is looked up, whether the IP address is in the predetermined IP address library is judged, and then in view of the judgment result, different identification IP addresses are employed to identify the IP address in order to indicate that whether the IP address is in the predetermined IP address library.
  • different identification IP addresses are employed to identify the IP address in order to indicate that whether the IP address is in the predetermined IP address library.
  • the target IP address corresponding to the domain name is identified in the form of the identification IP address. For example, if the target IP address corresponding to the domain name is a domestic IP, 0.0.0.0 is taken as the identification IP address to indicate that the target IP address corresponding to the domain name is a domestic IP.
  • the present application may identify whether the IP address of the domain name is in the Chinese IP address range in other manners. The present application does not limit this.
  • the target IP address is returned to the client as the identification IP address if the target IP address is not in the Chinese IP address range.
  • the generating of the identification IP address according to the judgment result comprises:
  • Step A 3 if the target IP address belongs to the Chinese IP address range, returning to the client an identification IP address representing that the IP address is in the Chinese IP address range.
  • a response including IP address 0.0.0.0 is returned to the client. It is feasible to return to the client a response including the identification IP address in other prescribed forms.
  • a response including the target IP address corresponding to the domain name is directly returned to the client.
  • Step 130 according to the identification IP address, judging to replace the target IP address corresponding to the domain name in the webpage request with an IP address of a proxy server; and according to the IP address corresponding to the proxy server, sending the webpage access request to the proxy server.
  • the client After the client receives the response including the identification IP address returned by the first domain name server, it resolves the identification IP address from the response, and judges whether it belongs to the predetermined IP address library according to the form of the identification IP address.
  • the access may be performed via proxy when the client accesses a website outside the predetermined IP address library.
  • the judging according to the identification IP address comprises:
  • Step S 131 replacing the target IP address corresponding to the domain name in the webpage request with the IP address of the proxy server if the identification IP address indicates that the target IP address does not belong to the Chinese IP address range;
  • Step S 131 retaining the target IP address corresponding to the domain name in the webpage request if the identification IP address indicates that the target IP address belongs to the Chinese IP address range.
  • the judgment is made based on the form of the identification IP address defined by the client and the first domain name server. For example, in the previous example, the identification IP address in the response is resolved as 0.0.0.0, then the client may judge that the target IP address corresponding to the domain is in the Chinese IP address range; and if the identification IP address is not 0.0.0.0, the client may judge that the target IP address corresponding to the domain name is an address outside the Chinese IP address range, wherein the address range where the client lies is in the Chinese IP address range.
  • the target IP address in the webpage request is replaced with the IP address of the proxy server, i.e., the webpage request, which originally accesses the target IP address corresponding to the domain name in the webpage request, accesses the IP address of the proxy server now.
  • the webpage request performs access according to the target IP address of the page request. That is, the webpage request directly accesses the target IP address corresponding to the domain name in the webpage request.
  • the target IP address of the webpage request is replaced with the IP address of the proxy server by means of the domain name query function.
  • Step 140 according to the IP address corresponding to the proxy server, sending the webpage access request corresponding to the overseas IP address to the proxy server.
  • the client's webpage request to access an IP address outside the predetermined IP address library may be forwarded to the proxy server for accessing.
  • the sending of the webpage access request corresponding to the overseas IP address to the proxy server according to the IP address corresponding to the proxy server comprises:
  • Step C 1 adding a validation protocol to the client's webpage request
  • Step C 2 validating whether the client has right to access the proxy server according to the validation protocol when the proxy server receives the webpage request.
  • the validation protocol is added to the request according to an agreement with the proxy server, thereby ensuring security of content of the webpage request.
  • FIG. 2 illustrated is a flow chart of a method for accessing a website according to an embodiment of the present invention, which comprises:
  • Step 210 receiving a first domain name query request sent by the client;
  • Step 220 constructing a second domain name query request according to the first domain name query request, and sending it to a second domain name server;
  • Step 230 after obtaining a response from the second domain name server, resolving the target IP address corresponding to the response, wherein the target IP address is corresponding to a domain name of the webpage request;
  • Step 240 judging according to the predetermined IP address library whether the IP address is in the predetermined IP address library, and generating the identification IP address according to the judgment result, wherein the identification IP address is used to identify whether the target IP address corresponding to the domain name in the webpage request belongs to the predetermined IP address library or not.
  • Step 250 returning the identification IP address to the client.
  • the step of constructing the second domain name query request according to the first domain name query request and sending it to a second domain name server comprises:
  • Step L 2 constructing the second domain name query request based on the domain name according to a domain name query protocol
  • Step L 3 sending the second domain name query request to the second domain name server.
  • the generating of the identification IP address according to the judgment result comprises:
  • Step M 1 performing matching calculation between the target IP address and the predetermined IP address library
  • Step M 2 if the IP address is in the predetermined IP address library, returning to the client an identification IP address indicating that the target IP address belongs to the predetermined IP address library;
  • Step M 3 if the IP address is not in the predetermined IP address library, returning to the client an identification IP address indicating that the target IP address does not belong to the predetermined IP address library.
  • the target IP address is returned to the client as the identification IP address if it is not in the Chinese IP address range.
  • the method corresponds to the above-mentioned method, and has already been described in detail in the previous steps and will not be repeated here.
  • FIG. 3 illustrated is a structural schematic view of a device for accessing a website according to the present invention, which comprises a client 410 .
  • the client 410 comprises:
  • a domain name reconstructing module 411 configured to construct a first domain name query request according to a domain name in a webpage request of the client, and send the first domain name query request to a first domain name server;
  • an address obtaining module 412 configured to obtain an identification IP address returned by the first domain name server, wherein the identification IP address is used to identify whether an target IP address corresponding to the domain name in the webpage request belongs to a predetermined IP address library or not;
  • a judging module 413 configured to, according to the identification IP address, judge to replace the target IP address corresponding to the domain name in the webpage request with an IP address of a proxy server, and according to the IP address corresponding to the proxy server, send the webpage access request to the proxy server.
  • the domain name reconstructing module comprises:
  • a hooking submodule configured to hook a domain name query function in an operating system by a hook function
  • a request construction submodule configured to construct the first domain name query request for the domain name in the client's webpage request by means of the domain query function
  • a request sending submodule configured to send the first domain name query request to the first domain name server.
  • the sending of the first domain name query request to the first domain name server comprises:
  • the asynchronous I/O mechanism comprises an I/O completion port mechanism.
  • the predetermined IP address library is a Chinese IP address range.
  • the judging module comprises:
  • a first judging submodule configured to replace the target IP address corresponding to the domain name in the webpage request with the IP address of the proxy server if the identification IP address indicates that the target IP address does not belong to the Chinese IP address range;
  • a second judging submodule configured to retain the target IP address corresponding to the domain name in the webpage request if the identification IP address indicates that the target IP address belongs to the Chinese IP address range.
  • the device upon sending the webpage access request to the proxy server according to the IP address corresponding to the proxy server, the device comprises:
  • a security setting module configured to add a validation protocol to the client's webpage request, thereby validating whether the client has right to access the proxy server according to the validation protocol when the proxy server receives the webpage request.
  • the judging to replace the target IP address corresponding to the domain name in the webpage request with the IP address of the proxy server according to the identification IP address comprises:
  • the proxy server is in Education Network.
  • FIG. 4 illustrated is a structural schematic view of a device for accessing a website according to the present invention, which comprises a first domain name server 510 .
  • the first domain name server 510 comprises:
  • a domain name query request receiving module 511 configured to receive a first domain name query request sent by the client
  • a domain name query request processing module 512 configured to construct a second domain name query request according to the first domain name query request, and send it to a second domain name server;
  • a domain name query request response processing module 513 configured to, after obtaining a response from the second domain name server, resolve the target IP address corresponding to the response, wherein the target IP address is corresponding to a domain name of the webpage request;
  • a target IP address judging module 514 configured to judge according to a predetermined IP address library whether the target IP address is in the predetermined IP address library, and generate an identification IP address according to the judgment result, wherein the identification IP address is used to identify whether the target IP address corresponding to the domain name in the webpage request belongs to the predetermined IP address library or not.
  • a returning module 515 configured to return the identification IP address to the client.
  • the domain name query request processing module comprises:
  • a resolving submodule configured to resolve the first domain query request to obtain the domain name of the webpage request
  • a constructing submodule configured to construct the second domain name query request based on the domain name according to a domain name query protocol
  • a sending submodule configured to send the second domain name query request to the second domain name server.
  • the domain name query request response processing module comprises:
  • a matching calculation module configured to perform matching calculation between the target IP address and the predetermined IP address library
  • a first identification IP address retuning module configured to, if the IP address is in the predetermined IP address library, return to the client an identification IP address indicating that the target IP address belongs to the predetermined IP address library;
  • a second identification IP address retuning module configured to, if the IP address is not in the predetermined IP address library, return to the client an identification IP address indicating that the target IP address does not belong to the predetermined IP address library.
  • the second identification IP address retuning module is used to return the target IP address to the client as the identification IP address if it is not in the Chinese IP address range.
  • FIG. 5 illustrated is a structural schematic view of a system for accessing a website according to the present invention, which comprises a client 610 , a first domain name server 620 , and a proxy server 630 .
  • the client 610 comprises:
  • a domain name reconstructing module 611 configured to construct a first domain name query request according to a domain name in a webpage request of the client, and send the first domain name query request to a first domain name server;
  • an address obtaining module 612 configured to obtain an identification IP address returned by the first domain name server, wherein the identification IP address is used to identify whether an target IP address corresponding to the domain name in the webpage request belongs to a predetermined IP address library or not;
  • a judging module 613 configured to, according to the identification IP address, judge to replace the target IP address corresponding to the domain name in the webpage request with an IP address of a proxy server 630 , and according to the IP address corresponding to the proxy server 630 , send the webpage access request to the proxy server 630 ;
  • the first domain name server 620 comprises:
  • a domain name query request receiving module 621 configured to receive a first domain name query request sent by the client
  • a domain name query request processing module 622 configured to construct a second domain name query request according to the first domain name query request, and send it to a second domain name server;
  • a domain name query request response processing module 623 configured to, after obtaining a response from the second domain name server, resolve the target IP address corresponding to the response, wherein the target IP address is corresponding to a domain name of the webpage request;
  • a target IP address judging module 624 configured to judge according to a predetermined IP address library whether the target IP address is in the predetermined IP address library, and generate an identification IP address according to the judgment result, wherein the identification IP address is used to identify whether the target IP address corresponding to the domain name in the webpage request belongs to the predetermined IP address library or not.
  • a returning module 625 configured to return the identification IP address to the client.
  • the embodiment of the system is substantially similar to the previous method embodiment, so it is describer briefly and reference may be made to the corresponding depictions in the above method embodiment.
  • Embodiments of the present description all are described in a progressive manner, cross-reference may be made to identical or similar portions of the embodiments, and each embodiment focuses on differences from other embodiments.
  • Embodiments regarding parts in the present invention may be implemented in hardware, or implemented by software modules running on one or more processors, or implemented in their combinations.
  • a microprocessor or digital signal processor may be used in practice to implement some or all functions of some or all parts of the device for accessing a website according to embodiments of the present invention.
  • the present invention may also be implemented as an apparatus or device program (e.g., computer program and computer program product) for executing part or all methods described here.
  • Such programs for implementing the present invention may be stored in a computer-readable medium, or may be in a form of having one or more signals. Such signals can be obtained by downloading from the Internet, or provided on a carrier signal or provided in any other forms.
  • FIG. 6 illustrates a server, such as an application server, which can implement the method for accessing a website according to the present invention.
  • the server conventionally comprises a processor 610 and a computer program product or computer-readable medium in the form of a memory 620 .
  • the memory 620 may be an electronic memory such as flash memory, EEPROM (Electrically Erasable Programmable Read—Only Memory), EPROM, hard disk, ROM or the-like.
  • the memory 620 has a storage space 630 for a program code 631 for executing any step of the above method.
  • the storage space 630 for the program code may comprise program codes 631 respectively for implementing steps of the above method.
  • These program codes may be read from one or more computer program products or written into one or more computer program products.
  • These computer program products comprise program code carriers such as hard disk, compact disk (CD), memory card or floppy disk.
  • Such computer program products are usually portable or fixed memory units as shown in FIG. 7 .
  • the memory unit may have a storage segment, a storage space or the like arranged in a similar way to the memory 620 in the server of FIG. 6 .
  • the program code may for example be compressed in a suitable form.
  • the memory unit includes a computer-readable code 631 ′, namely, a code readable by a processor for example similar to the processor 610 . When these codes are run by the server, the server is caused to execute steps of the method described above.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Library & Information Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Information Transfer Between Computers (AREA)
US14/388,083 2012-03-31 2013-03-19 Method and system for accessing website Active 2034-06-24 US9883002B2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
CN201210093093.8A CN102647482B (zh) 2012-03-31 2012-03-31 一种访问网站的方法和***
CN201210093093.8 2012-03-31
CN201210093093 2012-03-31
PCT/CN2013/072843 WO2013143403A1 (zh) 2012-03-31 2013-03-19 一种访问网站的方法和***

Publications (2)

Publication Number Publication Date
US20150237158A1 US20150237158A1 (en) 2015-08-20
US9883002B2 true US9883002B2 (en) 2018-01-30

Family

ID=46660055

Family Applications (1)

Application Number Title Priority Date Filing Date
US14/388,083 Active 2034-06-24 US9883002B2 (en) 2012-03-31 2013-03-19 Method and system for accessing website

Country Status (3)

Country Link
US (1) US9883002B2 (zh)
CN (2) CN102647482B (zh)
WO (1) WO2013143403A1 (zh)

Families Citing this family (49)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102647482B (zh) * 2012-03-31 2015-05-06 北京奇虎科技有限公司 一种访问网站的方法和***
CN102855334B (zh) * 2012-09-29 2016-07-06 北京奇虎科技有限公司 一种浏览器及其获取dns解析数据的方法
CN103037029B (zh) * 2012-12-10 2014-10-01 中国科学院计算机网络信息中心 基于绑定注册的域名whois查询方法和服务***
CN103973506B (zh) * 2013-01-30 2016-10-12 腾讯科技(深圳)有限公司 一种域名校验方法、装置及***
CN103338278A (zh) * 2013-07-15 2013-10-02 星云融创(北京)信息技术有限公司 一种网页浏览加速方法及装置
CN103347089A (zh) * 2013-07-16 2013-10-09 星云融创(北京)信息技术有限公司 一种对网站动态资源和静态资源分离加速的方法及装置
CN104580540B (zh) * 2013-10-09 2018-11-23 腾讯科技(深圳)有限公司 网站访问的实现方法和装置
CN104933045B (zh) * 2014-03-17 2019-08-09 腾讯科技(深圳)有限公司 网络信息浏览方法及网络信息浏览装置
CN104010051B (zh) * 2014-06-05 2017-12-08 胡汉强 一种访问网络的方法及管理服务器
CN104509066B (zh) * 2014-06-05 2017-10-27 胡汉强 一种访问网络的方法及网络设备、管理服务器
CN104735174B (zh) * 2015-03-30 2018-04-13 北京奇艺世纪科技有限公司 一种http透明代理的实现方法及装置
CN106411819B (zh) * 2015-07-30 2020-09-11 阿里巴巴集团控股有限公司 一种识别代理互联网协议地址的方法及装置
WO2017142799A2 (en) * 2016-02-15 2017-08-24 Michael Wood System and method for blocking persistent malware
CN105915639B (zh) * 2016-06-06 2020-08-04 腾讯科技(深圳)有限公司 页面访问方法及装置
CN106598881B (zh) * 2016-12-20 2020-10-09 北京小米移动软件有限公司 页面处理方法及装置
CN107682465A (zh) * 2017-06-24 2018-02-09 平安科技(深圳)有限公司 域名解析装置、方法及计算机可读存储介质
CN109246164A (zh) * 2017-07-10 2019-01-18 中兴通讯股份有限公司 一种基于云虚拟化网络的访问方法、装置及***
CN107562460A (zh) * 2017-09-05 2018-01-09 合肥爱吾宠科技有限公司 网站制作方法
CN108156220B (zh) * 2017-12-04 2021-12-03 北京小米移动软件有限公司 通信方法及装置
CN109981803B (zh) * 2017-12-27 2022-04-29 中兴通讯股份有限公司 业务请求处理方法及装置
CN108769278B (zh) * 2018-04-11 2021-08-10 北京中科闻歌科技股份有限公司 一种社交媒体账号管理方法及***
CN109088764B (zh) * 2018-08-15 2022-04-22 郑州悉知信息科技股份有限公司 访问请求处理方法及相关设备
CN109005118A (zh) * 2018-08-21 2018-12-14 中国平安人寿保险股份有限公司 查找cdn源站地址的方法、装置、计算机设备和存储介质
CN109617977B (zh) * 2018-12-24 2021-12-03 绿盟科技集团股份有限公司 一种网页请求处理方法及装置
CN109729187B (zh) * 2019-01-09 2022-08-30 广州视源电子科技股份有限公司 一种代理通信方法、***、装置及存储介质
CN113545020B (zh) * 2019-03-29 2022-07-22 华为技术有限公司 一种数据处理方法及其装置
JP7309418B2 (ja) * 2019-03-29 2023-07-18 キヤノン株式会社 通信装置、通信装置の制御方法及びプログラム
CN110113440B (zh) * 2019-04-15 2022-06-03 北京奇艺世纪科技有限公司 一种请求响应方法、装置及终端
CN112019584B (zh) * 2019-05-31 2022-05-31 阿里巴巴集团控股有限公司 资源访问控制方法、装置及计算机***
CN110602048B (zh) * 2019-08-14 2022-06-03 中国平安财产保险股份有限公司 防止域名劫持的方法、装置及计算机设备
CN112583780B (zh) * 2019-09-30 2023-04-07 北京国双科技有限公司 使用代理ip访问网站数据的方法、装置、***和设备
CN110851753B (zh) * 2019-11-07 2023-09-26 亿企赢网络科技有限公司 一种网站的访问方法、装置、设备及存储介质
CN111083196B (zh) * 2019-11-14 2022-07-12 北京无限光场科技有限公司 信息转发方法、装置和电子设备
CN111092863B (zh) * 2019-11-29 2022-12-23 视联动力信息技术股份有限公司 访问互联网网站的方法、客户端、服务器、设备及介质
CN111082977B (zh) * 2019-11-29 2023-04-07 北京金山云网络技术有限公司 Ip地址的获取方法、装置和终端设备
CN111031026A (zh) * 2019-12-09 2020-04-17 杭州安恒信息技术股份有限公司 一种dga恶意软件感染主机检测方法
CN112995046B (zh) * 2019-12-12 2023-05-26 上海云盾信息技术有限公司 一种内容分发网络流量管理方法及设备
CN111131436B (zh) * 2019-12-20 2022-08-30 广州品唯软件有限公司 快速查找代理方法、装置和可读存储介质
CN112104744B (zh) * 2020-03-30 2022-09-09 厦门网宿有限公司 流量代理方法、服务器及存储介质
CN111641701B (zh) * 2020-05-25 2023-07-14 深信服科技股份有限公司 一种数据保护的方法及装置、设备、存储介质
CN112272158A (zh) * 2020-09-16 2021-01-26 厦门网宿有限公司 一种数据代理方法、***及代理服务器
CN112650802A (zh) * 2020-12-22 2021-04-13 浪潮云信息技术股份公司 政务数据的对接方法和装置
CN113239301B (zh) * 2021-04-22 2023-02-07 维沃移动通信(杭州)有限公司 页面加载请求方法、装置和电子设备
CN113438336B (zh) * 2021-06-24 2022-07-08 平安科技(深圳)有限公司 网络请求方法、装置、设备和存储介质
CN113992749B (zh) * 2021-10-08 2024-05-14 浪潮云信息技术股份公司 一种基于go语言的http反向代理方法及***
CN114726616A (zh) * 2022-04-07 2022-07-08 京东科技信息技术有限公司 一种网站访问请求的处理方法及装置
CN114760267B (zh) * 2022-04-08 2024-03-19 ***通信集团陕西有限公司 域名封堵方法、装置、设备、介质及程序产品
CN116186457B (zh) * 2023-04-21 2024-02-06 京东科技信息技术有限公司 网页访问和网页开发的方法、装置、电子设备及介质
CN117938942B (zh) * 2024-03-20 2024-05-28 中国科学院空天信息创新研究院 服务注册发现方法、装置、设备、介质及程序产品

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001003356A1 (en) 1999-07-02 2001-01-11 Ericsson, Inc. Flexible method of error protection in communications systems
US20070261067A1 (en) * 2006-04-20 2007-11-08 Microsoft Corporation Winsock APIs
US20090328139A1 (en) * 2007-06-14 2009-12-31 Ricoh Company, Ltd. Network communication device
US20110026537A1 (en) * 2008-03-20 2011-02-03 Telefonaktiebolaget Lm Ericsson (Publ) Method and Apparatus for Communication of Data Packets between Local Networks
US20110191451A1 (en) * 2010-01-29 2011-08-04 Hon Hai Precision Industry Co., Ltd. Cable modem and multimedia terminal adapter parameter configuration file configuring method
US20110207433A1 (en) * 2010-02-24 2011-08-25 Fujifilm Corporation Web server constituting single sign-on system, method of controlling operation of same, and recording medium storing program for controlling operation of same
US20130173769A1 (en) * 2011-12-30 2013-07-04 Time Warner Cable Inc. System and method for resolving a dns request using metadata

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH11110324A (ja) * 1997-10-07 1999-04-23 Hitachi Ltd 代理サーバ選択装置および代理サーバ
JP2010183242A (ja) * 2009-02-04 2010-08-19 Kddi Corp 通信装置およびdnsプロキシサーバ
CN101610294A (zh) * 2009-07-15 2009-12-23 浪潮电子信息产业股份有限公司 一种利用智能dns提高网站访问速度的方法
CN101741902B (zh) * 2009-11-24 2012-09-05 候万春 向互联网终端提供快速访问互联网服务器的***和方法
CN101764855A (zh) * 2009-12-30 2010-06-30 福建星网锐捷网络有限公司 一种提供域名解析服务的方法、装置及***
CN102025793A (zh) * 2010-01-22 2011-04-20 ***通信集团北京有限公司 一种ip网络中的域名解析方法、***及dns服务器
CN102215228A (zh) * 2011-05-31 2011-10-12 北京亿赞普网络技术有限公司 一种基于电信级网络平台的Web服务独立用户识别方法
CN102647482B (zh) * 2012-03-31 2015-05-06 北京奇虎科技有限公司 一种访问网站的方法和***

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2001003356A1 (en) 1999-07-02 2001-01-11 Ericsson, Inc. Flexible method of error protection in communications systems
US20070261067A1 (en) * 2006-04-20 2007-11-08 Microsoft Corporation Winsock APIs
US20090328139A1 (en) * 2007-06-14 2009-12-31 Ricoh Company, Ltd. Network communication device
US20110026537A1 (en) * 2008-03-20 2011-02-03 Telefonaktiebolaget Lm Ericsson (Publ) Method and Apparatus for Communication of Data Packets between Local Networks
US20110191451A1 (en) * 2010-01-29 2011-08-04 Hon Hai Precision Industry Co., Ltd. Cable modem and multimedia terminal adapter parameter configuration file configuring method
US20110207433A1 (en) * 2010-02-24 2011-08-25 Fujifilm Corporation Web server constituting single sign-on system, method of controlling operation of same, and recording medium storing program for controlling operation of same
US20130173769A1 (en) * 2011-12-30 2013-07-04 Time Warner Cable Inc. System and method for resolving a dns request using metadata

Non-Patent Citations (6)

* Cited by examiner, † Cited by third party
Title
English translation of abstract only of Chinese application CN101741902A, Title: System and method for Internet terminal to quickly access to Internet server, Publication date: Jun. 16, 2010, Country: CN, Inventors: Hou Wan Chun, one page.
English translation of abstract only of Chinese application CN101764855A, Title: Method, device and system for providing domain name resolution services, Publication date: Jun. 30, 2010, Country: CN, Inventors: Wang Xiaofeng, one page.
English translation of abstract only of Chinese application CN102215228A, Title: Web service unique user identification method based on carrier-class network platform, Publication date: Oct. 12, 2011, Country: CN, Inventors: Liushu Liang et al, one page.
English translation of abstract only of Japanese application JP2010-183242A, Title: Communication Device and DNS Proxy Server, Publication date: Aug. 19, 2010, Country: Japan, Inventors: Hei Yuichiro, one page.
International Search Report regarding Chinese International Application No. PCT/CN2013/072843 dated Jun. 27, 2013, 4 pages.
Rodriguez et al. "Session Level Techniques for Improving Web Browsing Performance on Wireless Links", May 17, 2004-May 22, 2004. Retrieved on Oct. 28, 2016 from <http://wwwconference.org/www2004/docs/lp121.pdf>. *

Also Published As

Publication number Publication date
CN102647482B (zh) 2015-05-06
US20150237158A1 (en) 2015-08-20
WO2013143403A1 (zh) 2013-10-03
CN104901943A (zh) 2015-09-09
CN102647482A (zh) 2012-08-22

Similar Documents

Publication Publication Date Title
US9883002B2 (en) Method and system for accessing website
US10667101B2 (en) Contextual deep linking of applications
US9426200B2 (en) Updating dynamic content in cached resources
US7984186B2 (en) Method, system, and apparatus for discovering user agent DNS settings
US9444899B2 (en) Use of internet information services logging to collect user information in an asynchronous manner
US8862777B2 (en) Systems, apparatus, and methods for mobile device detection
US20150281111A1 (en) Implementation of a service that coordinates the placement and execution of containers
US9225731B2 (en) System for detecting the presence of rogue domain name service providers through passive monitoring
US20080034404A1 (en) Method and system for validating site data
US20130269042A1 (en) Optimizing security seals on web pages
CN112703496B (zh) 关于恶意浏览器插件对应用用户的基于内容策略的通知
CN103491543A (zh) 通过无线终端检测恶意网址的方法、无线终端
US20130198409A1 (en) Efficient implementation of user-provided dns names
CN109634753B (zh) 切换浏览器内核的数据处理方法、装置、终端和存储介质
CN111090449A (zh) Api服务的访问方法、装置及电子设备
US8407802B2 (en) Method and system for providing security seals on web pages
US10104116B2 (en) System for detecting link spam, a method, and an associated computer readable medium
CN105515882B (zh) 网站安全检测方法及装置
US20120151313A1 (en) User-specific customization of web pages
US20150304442A1 (en) Website product integration and caching via domain name routing rules
CN114301872B (zh) 基于域名的访问方法及装置、电子设备、存储介质
US20150304235A1 (en) Allocating and accessing website resources via domain name routing rules
US10659424B2 (en) Determining status of domain name registration
CN110855782A (zh) 一种服务调用***、方法、电子设备及可读存储介质
CN106713217B (zh) 一种验证方法和装置

Legal Events

Date Code Title Description
AS Assignment

Owner name: BEIJING QIHOO TECHNOLOGY COMPANY LIMITED, CHINA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:DONG, BINYAN;SUN, PENG;REN, HUAN;REEL/FRAME:033887/0872

Effective date: 20140923

STCF Information on status: patent grant

Free format text: PATENTED CASE

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 4